Verify any Crovia Seal — offline, in your browser
Paste a seal JSON or a whole seals.jsonl chain. CSC-1 bytes, Ed25519 signature, hash links — checked client-side. Nothing uploaded.
Verify a seal →
Open Standard · Apache 2.0 · CC0 spec

The DKIM of
the AI era.

Crovia Seal is a tamper-evident, cryptographically signed receipt — about 500 bytes of canonical JSON — attachable to any AI output: text, code, image, audio. Anyone can issue. Anyone can verify, offline, in three lines of Python. No vendor lock-in, no central server, no token, no consensus protocol. Just signatures and hash chains, the way standards should be.

Spec version
v0.5
draft · impl-complete
Reference impls
2
Python · TypeScript
Tests passing
208 / 208
across 4 packages
IETF Internet-Draft
draft-01

AI outputs are generated billions of times per day with zero forensic trail. When one causes harm — a copyright claim, a defamation lawsuit, a regulatory inquiry — the evidence needed to reconstruct what happened has already evaporated. The logprobs are gone. The model state is gone. The input–output link is unverifiable.

Crovia Seal fixes this, by design, without requiring cooperation from model vendors. The seal can be emitted client-side — by a proxy, by a browser extension, by an IDE plugin. It becomes the DKIM of the AI era: silent, ubiquitous, eventually mandatory.

What Seal is not: not a judge, not a detector, not a blockchain, not surveillance. A seal commits to hashes of input/output, not the content itself. Privacy-preserving checks via optional ZK proof bundles are part of the extended spec. The seal records facts; courts judge.

Five things only Seal does

that no other receipt format does
01 · CSC-1

Canonicalization that cannot ambiguate

A strict subset of RFC 8785 that forbids floating-point in signed payloads. The exact bytes that get signed are fully derivable from the seal — with one canonicalization algorithm and no edge cases.

02 · CIM

Invisible mark that survives copy-paste

Crovia Invisible Mark: zero-width Unicode steganography that embeds the seal_id directly inside the AI output. The text travels through Word, Telegram, court filings — the seal id rides along, invisible.

03 · drand anchor

Cannot be back-dated, ever

Optional anchor against public randomness beacons (drand by League of Entropy). A seal that anchors to round R proves it was created after the moment R was published. Combined with our substrate's Bitcoin anchor: temporal proof at two layers.

04 · Browser extension MV3

Adoption without permission

Detectors implemented for ChatGPT, Claude, Gemini, Perplexity. A «Seal» button appears next to every AI answer. One click, the response is sealed with a local Ed25519 key and copied to your clipboard with the CIM embedded.

05 · OpenAI-compatible proxy

One env var, full conformance

Drop-in replacement for api.openai.com that seals every response. CROVIA_INJECT_CIM=true, CROVIA_BEACON_ANCHOR=true, done. Your enterprise AI is provenance-compliant by default.

Adopt in 60 seconds

five paths · pick yours
01 · AI company

Put the proxy in front of your model

Every response you serve carries a cryptographic receipt. Auditors, regulators, and users can prove a given output is — or is not — authentically from your system, regardless of the path it travelled.

# add the proxy in front of your endpoint
pip install -e integrations/proxy
CROVIA_UPSTREAM_URL=http://your-model:8000 \
CROVIA_INJECT_CIM=true \
CROVIA_BEACON_ANCHOR=true \
crovia-proxy --port 443
02 · Individual user

Install the browser extension

Every time you use ChatGPT / Claude / Gemini / Perplexity, a Seal button appears next to each answer. One click — the response is sealed with your local Ed25519 key and copied with an invisible Crovia mark that survives paste.

# build the extension (Chrome/Firefox MV3)
cd integrations/browser-extension
npm install && npm run build

# load the dist/ folder as an unpacked extension
03 · Verifier (lawyer / journalist)

Verify a seal in three lines

You received a text claiming to be from an AI. Open the in-browser verifier, paste the seal: signature, canonical bytes and chain links are checked client-side, offline. Or do it in three lines of Python:

# offline verification, no network
from crovia_seal import verify_seal
import json

seal = json.loads(open("received.seal.json").read())
vr = verify_seal(seal, issuer_pubkey_hex="<pinned key>")
assert vr.ok, vr.errors
04 · Infrastructure operator

Run a transparency log

Public append-only log of every seal an issuer commits to. Download the chain, prove inclusion, catch re-writes. Crovia runs the first mirror — conformance vectors live today; production issuers onboard via Causari.

# browse the public log
curl https://croviatrust.com/registry/data/seal/public_log.jsonl

# human-readable view
open https://croviatrust.com/registry/seal/log/

Open Seal Transparency Log →

05 · Software team

Seal every AI-written line of code

Causari — the first production Seal issuer — is a Rust proxy that sits between your coding agent and the model. Every completion gets a signed, hash-chained receipt; the chain verifies offline against the normative conformance vectors.

# one flag: every completion sealed
re proxy --seal
#  • gpt-4o  42→18 tok  🔐 cs_2026_Q7RM…

re seal verify
# ✓ 128 seal(s) verified - chain contiguous

What a seal looks like

~500 bytes of canonical JSON

A seal is a single, self-describing JSON object. Below is a minimal example. The signature is computed over the CSC-1 canonicalization of every other field, with a domain-separated prefix ("CROVIA-SEAL-v1").

{
  "seal_version":    "crovia-seal-v1",
  "seal_id":         "sl_a8f2c4b919e7…",
  "issuer": {
    "id":            "crovia-proxy.example.com",
    "pubkey_alg":    "Ed25519",
    "pubkey":        "0xabd5…"
  },
  "generator": {
    "vendor":        "openai",
    "model":         "gpt-4o-2024-11-20",
    "params": {
      "temperature": "0.7"     // strings, not floats (CSC-1)
    }
  },
  "subject": {
    "input_hash":    "sha256:c5f0…",
    "output_hash":   "sha256:9b1a…",
    "output_length": 2174
  },
  "chain": {
    "prev_seal_id":  "sl_77e2b9c3…",
    "index":         42891
  },
  "anchors": {
    "drand_round":   3914027,
    "tlog_inclusion": "<optional RFC 6962 proof>"
  },
  "issued_at":       "2026-05-03T17:43:29Z",
  "signature":       "Ed25519:…"
}

Seal & Substrate — two halves of the same thesis

complementary, not competing

Substrate (the AXIOM ledger you see at /substrate/ and /chains/) is what Crovia observes about the rest of the AI world — signed forensic evidence we operate as a public service.

Seal is what Crovia gives back to the world — an open, permissionless protocol primitive anyone can run. It is not a service we sell. It is a standard we steward.

Substrate proves Crovia knows how to design append-only signed history. Seal is the productization of that knowledge for everyone else's AI outputs. Together they form a complete provenance fabric: what the world said, and what every AI output proved about itself when it was uttered.

Get involved

open standard, open implementation

Permissionless by design.

No registration. No API key. No rate limit. The license is Apache 2.0 on code, CC0 on the specification text. You do not need our cooperation to start sealing AI outputs today.

IETF Internet-Draft
on IETF datatracker · Independent Submission
Open-source repository
spec, reference impl, conformance suite, CI green
Spec text
v0.5 · CC0 dedication
Threat model
attacks in scope & mitigations
Crovia trust root
our issuer Ed25519 public key
Contact
spec feedback · interop · adoption

Seal Ceremony — for vendors

the standard is free · the ceremony is a service

The Seal standard costs nothing and never will — Apache 2.0 code, CC0 spec, permissionless forever. What Crovia offers on top, as a service, is the Seal Ceremony: a witnessed, Bitcoin-anchored certification of a model release, run with your team. Your release gets a public, independently verifiable receipt in the Crovia ledger — the strongest possible answer to any future «you never disclosed» claim.

Request a Seal Ceremony [email protected] · answered within 24h